[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via e61f9406de1 selftest:Samba4: run fl2003dc without security context
multiplexing
via ea0a7041771 selftest:Samba4: run the raw_protocol test with a limit
of 8 auth contexts
via 7bc6ec81c85 s4:rpc_server: implement security context multiplexing
via a0b230631bc py:dcerpc/raw_protocol: add tests to demonstrate how
security context multiplexing works
via 3f535ed1adf py:dcerpc/raw_testcase: add assertEqualsStrLower()
via 1d7930c8ad2 pidl/Python: use py_dcerpc_ndr_pointer_wrap/deref if
multiple pointer levels are used
via 8bd0f4405a3 s4:pyrpc: add py_dcerpc_ndr_pointer_deref/wrap()
infrastructure
via ae467704f3f s4:pyrpc: make use of pytalloc_get_type() in
py_dcerpc_syntax_init_helper()
via 4bb3a66ae13 s4:rpc_server/lsa: specify \pipe\lsass as
ncacn_np_secondary_endpoint
via 98d58722933 s4:rpc_server: make it possible to specify
ncacn_np_secondary_endpoint
via a650120d2ec py:dcerpc/raw_protocol: demonstrate that \pipe\lsarpc
returns \pipe\lsass as secondary_address
via b3659fb52d8 s4:rpc_server: only share assoc group ids on the same
transport
via a8feb556318 py:dcerpc/raw_protocol: add test_assoc_group_fail3()
via c192dc1c9d2 s4:rpc_server: don't replace '\pipe\' with '\PIPE\'
via b1c6b954a15 py:dcerpc/raw_protocol: add test_assoc_group_ok2 to
check assoc groups over ncacn_np
via 276286caa97 selftest:Samba4: allow dcerpc auth level connect:lsarpc
= yes in chgdcpass
via aa3f1f86c0c py:dcerpc/raw_protocol: enable tests with the
DCERPC_PFC_FLAG_SUPPORT_HEADER_SIGN bit
via 975e8e1f254 s4:rpc_server: fix DCERPC_PFC_FLAG_SUPPORT_HEADER_SIGN
negotiation to match Windows
via fb9f613364d py:dcerpc/raw_protocol: consistently call
self.recv_pdu(timeout=0.01) after auth3
via 5466ed1232e py:dcerpc/raw_protocol: add tests for delayed header
signing activation
via d47f9af7cbb py:dcerpc/raw_testcase: add pfc_flags_2nd and use_auth3
options to do_generic_bind()
via 6f53c993723 s4:rpc_server: SMB_ASSERT(auth->auth_finished); in
order to get auth details
via e9eb8e6a447 s4:rpc_server: only pass context to op_bind() hooks
via 70b00c7567a s4:rpc_server: only use context within op_bind() hooks
and dcesrv_interface_bind_*() functions
via 28f4cb442c3 s4:rpc_server: remove unused
dcesrv_connection_context->private_date
via 792b6b9d697 s4:rpc_server: remove unused
dcesrv_assoc_group->proxied_id
via 2ed7db445bf s4:rpc_server/winreg: don't cache an ldb connection per
presentation context
via 9616f6b8bc9 s4:rpc_server/remote: make use
dcesrv_iface_state_{store,find}_{assoc,conn}() helpers
via 9d387919f61 s4:rpc_server/remote: introduce struct
dcesrv_remote_call
via a8134191ec0 s4:rpc_server/remote: defer the connect to the first
client request
via 199d4ba7ac4 s4:rpc_server/remote: fail the connection if the remote
server don't support MPX
via 954dd89f511 selftest: use "dcerpc_remote:allow_anonymous_fallback =
yes" for rpc_proxy
via 3a17389e1be s4:rpc_server/remote: add
dcerpc_remote:allow_anonymous_fallback option
via 23d1393a5f2 s4:rpc_server/remote: reformat code to get
"dcerpc_remote:use_machine_account"
via d9b88ccd811 s4:rpc_server/remote: reformat code to get
"dcerpc_remote:binding"
via 1f348d077b2 s4:rpc_server/remote: remote_op_bind already has the
table available
via 965abe8e1a5 s4:rpc_server/remote: introduce remote_get_private()
via 245a0ef73f8 s4:rpc_server/dnsserver: make use of
dcesrv_iface_state_{create,find}_conn()
via 5cbcc78a40e s4:rpc_server/netlogon: make use of
dcesrv_iface_state_{create,find}_conn()
via c76a5be87bf s4:rpc_server: add
dcesrv_iface_state_{store,find}_{assoc,conn}() helpers
via 38e0c06abc7 s4:rpc_server: move bind_time_features to
dcesrv_assoc_group
via 6b02b94d037 s4:rpc_server: add a min_auth_level to context handles
via d8293acdb4f s4:rpc_server: replace dce_conn->allow_request with
auth->auth_finished
via 13e52cc9292 s4:rpc_server: replace dce_conn->allow_auth3 with
auth->auth_started
via 0191516efcb s4:rpc_server: set auth_invalid = true on disconnect
via b46df3a85c3 s4:rpc_server: split out
log_successful_dcesrv_authz_event()
via 76976eab01c s4:rpc_server: add some protection checks to
dcesrv_auth_prepare_gensec()
via 2640f60e885 s4:rpc_server: split out dcesrv_auth_prepare_gensec()
via e2a05c3ad86 s4:rpc_server: allocate struct dcesrv_auth with talloc
via 58021612583 s4:rpc_server: make use of
dcesrv_call_state->auth_state in dcerpc_server.c
via 097299ae7a4 s4:rpc_server: make use of
dcesrv_call_state->auth_state in common/reply.c
via 8ec932923b1 s4:rpc_server: make use of
dcesrv_call_state->auth_state in
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 168079b2c36 tevent: deprecate tevent_wrapper api again
via dcd0edfdc90 Revert "smbd: add smbd_server_connection->raw_ev_ctx
pointer"
via 47c443b4795 vfs_aio_pthread: add sync fallback
via a307e798ddf vfs_aio_pthread: store conn instead of sconn in
aio_open_private_data
via e2f46c9333e vfs_aio_pthread: use struct initializer for
aio_open_private_data
via 2f406fee523 vfs_default: add sync fallback to fsync_send/recv
via 4673a8b9e36 vfs_default: add sync fallback to pwrite_send/recv
via bc539d8104f vfs_default: add sync fallback to pread_send/recv
via 57e2fb018f2 s3:smbd: don't use async dosmode if per-thread cwd is
not available
via 5d8f495b01c s3:smbd: use passed in ev in
smbd_smb2_query_directory_send()
via 6ec96ac7098 Revert "vfs_glusterfs: explain that/why we use the raw
tevent_context in init_gluster_aio()"
via 46d3a1541a6 Revert "smbd: explain that/why we use the raw
tevent_context for update_write_time_handler()"
via bcb4723aacd Revert "smbd: explain that/why we use the raw
tevent_context for lease_timeout_handler()"
via 4036fc894f7 Revert "smbd: explain that/why we use the raw
tevent_context for oplock_timeout_handler()"
via 5afd19198b8 Revert "smbd: explain that/why we use the raw
tevent_context for do_break_to_none()"
via ac597b07069 Revert "smbd: explain that/why we use the raw
tevent_context for linux_oplock_signal_handler()"
via 523a64e25d8 Revert "smbd: use raw_ev_ctx to clear the
MSG_SMB_CONF_UPDATED registration"
via 296a15a00e4 Revert "smbd: add
smbd_server_connection->{root,guest}_ev_ctx pointer"
via 50995917905 Revert "smbd: use sconn->root_ev_ctx for
brl_timeout_fn()"
via 9d47128f7c9 Revert "smbd: use sconn->root_ev_ctx for
smbd_sig_{term,hup}_handler()"
via de10c611053 Revert "smbd: add an effective
connection_struct->user_ev_ctx that holds the event context used for the
current user"
via 88016bac86a Revert "smbd: add an effective
{smb,smbd_smb2}_request->ev_ctx that holds the event context used for the
request processing"
via 122e141b465 Revert "smbd: remove unused
smbd_server_connection->ev_ctx"
via 2a62a98f5c7 Revert "s3:messages: protect against usage of wrapper
tevent_context objects for messaging"
via 1c3676f3aa9 Revert "s3:messages: allow
messaging_{dgm,ctdb}_register_tevent_context() to use wrapper tevent_context"
via 26107832cd9 Revert "s3:messages: allow messaging_dgm_ref() to use
wrapper tevent_context"
via e2a5272ac68 Revert "s3:messages: allow
messaging_filtered_read_send() to use wrapper tevent_context"
via 0bd10a48e4c Revert "s4:messaging: make sure only
imessaging_client_init() can be used with a wrapper tevent_context wrapper"
via 78fa4408321 Revert "smbd: add [un]become_guest() helper functions"
via 3aaf7c14706 Revert "smbd: add smbd_impersonate_debug_create()
helper"
via e717c9035ef Revert "smbd: add simple noop
smbd_impersonate_{conn_vuid,conn_sess,root,guest}_create() wrappers"
via 97a7f8864f3 Revert "smbd: make use of
smbd_impersonate_{conn_vuid,conn_sess,root,guest}_create() wrappers"
via 864e985168d Revert "smbd: implement
smbd_impersonate_{conn_vuid,conn_sess,root,guest}_create() wrappers"
via ac17919ae30 Revert "smbd: avoid explicit change_to_user() in
defer_rename_done() already done by impersonation"
via 3747dcb41f1 Revert "smbd: remove unused change_to_root_user() from
smbd_sig_hup_handler()"
via 718cc7a0d70 Revert "smbd: remove unused change_to_root_user() from
brl_timeout_fn()"
via 8e03cbe868d Revert "pthreadpool: split out pthreadpool_tevent_job
from pthreadpool_tevent_job_state"
via 44900b04338 Revert "pthreadpool: add
pthreadpool_tevent_job_cancel()"
via 9e4bc1f4a9b Revert "pthreadpool: maintain a global list of orphaned
pthreadpool_tevent_jobs"
via 991ca9b5646 Revert "pthreadpool: add some lockless coordination
between the main and job threads"
via d818e51174e Revert "pthreadpool: add helgrind magic to
PTHREAD_TEVENT_JOB_THREAD_FENCE_*()"
via 7882941b733 Revert "pthreadpool: maintain a list of job_states on
each pthreadpool_tevent_glue"
via 42e2ab7e997 Revert "pthreadpool: add a comment about a further
optimization in pthreadpool_tevent_job_destructor()"
via 7fd9bc3b6e5 Revert "pthreadpool: test cancelling and freeing
pending pthreadpool_tevent jobs/pools"
via 622ba5191d9 Revert "pthreadpool: add
pthreadpool_tevent_[current_job_]per_thread_cwd()"
via f4d6c48c65b Revert "pthreadpool: add tests for
pthreadpool_tevent_[current_job_]per_thread_cwd()"
via e94cd84bbf8 Revert "pthreadpool: call unshare(CLONE_FS) if
available"
via 67015e13ca2 Revert "pthreadpool: add
[SCM] Socket Wrapper Repository - branch master updated
The branch, master has been updated
via cf436b6 swrap: Use #ifdef instead of #if for config.h definitions
from 9413e43 swrap: Add an overflow check
https://git.samba.org/?p=socket_wrapper.git;a=shortlog;h=master
- Log -
commit cf436b6d3e1d2c85d47e76e19519e36672ac93b8
Author: Andreas Schneider
Date: Tue Nov 20 14:16:17 2018 +0100
swrap: Use #ifdef instead of #if for config.h definitions
Signed-off-by: Andreas Schneider
Reviewed-by: Volker Lendecke
---
Summary of changes:
src/socket_wrapper.c | 12 ++--
1 file changed, 6 insertions(+), 6 deletions(-)
Changeset truncated at 500 lines:
diff --git a/src/socket_wrapper.c b/src/socket_wrapper.c
index a0e1df0..ca0a833 100644
--- a/src/socket_wrapper.c
+++ b/src/socket_wrapper.c
@@ -2012,7 +2012,7 @@ static bool check_addr_port_in_use(const struct sockaddr
*sa, socklen_t len)
return false;
}
break;
-#if HAVE_IPV6
+#ifdef HAVE_IPV6
case AF_INET6:
if (len < sizeof(struct sockaddr_in6)) {
return false;
@@ -2059,7 +2059,7 @@ static bool check_addr_port_in_use(const struct sockaddr
*sa, socklen_t len)
return true;
break;
}
-#if HAVE_IPV6
+#ifdef HAVE_IPV6
case AF_INET6: {
struct sockaddr_in6 *sin1, *sin2;
@@ -5303,7 +5303,7 @@ static ssize_t swrap_sendto(int s, const void *buf,
size_t len, int flags,
msg.msg_namelen = tolen; /* size of address */
msg.msg_iov = /* scatter/gather array */
msg.msg_iovlen = 1;/* # elements in msg_iov */
-#if HAVE_STRUCT_MSGHDR_MSG_CONTROL
+#ifdef HAVE_STRUCT_MSGHDR_MSG_CONTROL
msg.msg_control = NULL;/* ancillary data, see below */
msg.msg_controllen = 0;/* ancillary data buffer len */
msg.msg_flags = 0; /* flags on received message */
@@ -5534,7 +5534,7 @@ static ssize_t swrap_write(int s, const void *buf, size_t
len)
msg.msg_namelen = 0; /* size of address */
msg.msg_iov = /* scatter/gather array */
msg.msg_iovlen = 1;/* # elements in msg_iov */
-#if HAVE_STRUCT_MSGHDR_MSG_CONTROL
+#ifdef HAVE_STRUCT_MSGHDR_MSG_CONTROL
msg.msg_control = NULL;/* ancillary data, see below */
msg.msg_controllen = 0;/* ancillary data buffer len */
msg.msg_flags = 0; /* flags on received message */
@@ -5585,7 +5585,7 @@ static ssize_t swrap_send(int s, const void *buf, size_t
len, int flags)
msg.msg_namelen = 0; /* size of address */
msg.msg_iov = /* scatter/gather array */
msg.msg_iovlen = 1;/* # elements in msg_iov */
-#if HAVE_STRUCT_MSGHDR_MSG_CONTROL
+#ifdef HAVE_STRUCT_MSGHDR_MSG_CONTROL
msg.msg_control = NULL;/* ancillary data, see below */
msg.msg_controllen = 0;/* ancillary data buffer len */
msg.msg_flags = 0; /* flags on received message */
@@ -5949,7 +5949,7 @@ static ssize_t swrap_writev(int s, const struct iovec
*vector, int count)
msg.msg_namelen = 0; /* size of address */
msg.msg_iov = discard_const_p(struct iovec, vector); /* scatter/gather
array */
msg.msg_iovlen = count;/* # elements in msg_iov */
-#if HAVE_STRUCT_MSGHDR_MSG_CONTROL
+#ifdef HAVE_STRUCT_MSGHDR_MSG_CONTROL
msg.msg_control = NULL;/* ancillary data, see below */
msg.msg_controllen = 0;/* ancillary data buffer len */
msg.msg_flags = 0; /* flags on received message */
--
Socket Wrapper Repository
[SCM] Socket Wrapper Repository - branch master updated
The branch, master has been updated
via 9413e43 swrap: Add an overflow check
from 8ccac24 Bump version to 1.2.1
https://git.samba.org/?p=socket_wrapper.git;a=shortlog;h=master
- Log -
commit 9413e433ea83095735ddb8dd080bceecde8a9b57
Author: Volker Lendecke
Date: Sat Dec 29 20:20:13 2018 +0100
swrap: Add an overflow check
Signed-off-by: Volker Lendecke
Reviewed-by: Andreas Schneider
---
Summary of changes:
src/socket_wrapper.c | 5 +
1 file changed, 5 insertions(+)
Changeset truncated at 500 lines:
diff --git a/src/socket_wrapper.c b/src/socket_wrapper.c
index df70df5..a0e1df0 100644
--- a/src/socket_wrapper.c
+++ b/src/socket_wrapper.c
@@ -4752,6 +4752,11 @@ static ssize_t swrap_sendmsg_before(int fd,
for (i = 0; i < (size_t)msg->msg_iovlen; i++) {
size_t nlen;
nlen = len + msg->msg_iov[i].iov_len;
+ if (nlen < len) {
+ /* overflow */
+ errno = EMSGSIZE;
+ goto out;
+ }
if (nlen > mtu) {
break;
}
--
Socket Wrapper Repository
